IT Security While Traveling
Traveling abroad presents additional risks related to the theft of devices and data. Connecting from unfamiliar locations and networks imposes a new threat landscape from what you traditionally are exposed to. Please consider where you are traveling, what devices you are taking, and what data you have access to through those devices during your trip. The Information Security Office has provided guidelines for employees who work while traveling in order to best protect the institution.
-
Identify risk advisories for your destinations by viewing the Travel Advisories posted by the U.S. Department of State and familiarize yourself with Secure Workspace Practices prior to departure.
-
Remove sensitive data from the devices you are bringing with you. Limit the number of devices and amount of data you travel with to reduce the risk of exposure. Use temporary devices if possible, such as a University loaner device or disposable pre-paid devices as opposed to regular personal or work devices.
-
Limit the number of devices and amount of data you are traveling with. Remove sensitive data from the devices you are bringing with you. Sensitive data should not be stored on a local device; opt for storing in a secure OneDrive/SharePoint site instead.
-
Configure encryption on your devices. The IT Service Desk can assist with University owned devices. For personal laptops, consider BitLocker for Windows or FileVault for Mac. Some foreign countries restrict the use of imported encryption software, so please research the software import laws of your destination country.
-
Prepare multi-factor authentication for as many services as possible.
-
For Ohio University, you can enable multi-factor authentication for all eligible services to provide the most protection to your account. (Under "Enable Multi-Factor Authentication for", select "All eligible services” and click save.)
-
Set up Multi-factor Authentication for non-OU and personal services like banking, social networks, and email as well.
-
Set up VDI for working remotely. We strongly encourage individuals working while traveling to use VDI in Lieu of VPN.
-
Configure Ohio University's Campus VPN.
-
Request a temporary account (travel service account) to use while traveling. This reduces risk as your regular email account can be configured to forward to this service account for the duration of your stay, therefore you will not have to access using your direct account.
-
Make sure your devices’ operating system and software are up to date.
-
Ensure anti-virus is installed and enabled.
-
Have a current back up of your devices.
-
Use strong passwords. Avoid dictionary words and add special characters. For cell phones, use alpha numeric or a passphrase instead of PIN entry.
-
Turn on "Find My Device" services and similar remote wiping services if available for your device.
- Keep your devices in sight at all times.
- Be cautious when connecting to public Wi-Fi. Use cellular data when possible but be mindful of roaming charges.
- Disable services like Bluetooth and Wi-Fi on your device when not in use.
- Use multi-factor authentication and a VDI when accessing information online.
- Avoid public computers, such as in internet cafes.
- Clear your internet browser after each use. (Delete history files, caches, cookies, etc.)
- If any of your devices are stolen, report it immediately to the local US Embassy or Consulate. If it was an Ohio University device or held Ohio University data, contact the Ohio University Information Security Office (security@ohio.edu or 740-566-7233) in addition to the local US Embassy or Consulate.
- Change your passwords for any credentials you used when traveling.
- Return any loaner devices.
- If you used a temporary travel account, ensure that the forwarding has been removed.
- Run an anti-virus scan on your devices.